Difference between revisions of "Samba server"
| Line 49: | Line 49: | ||
vim /etc/samba/smb.conf | vim /etc/samba/smb.conf | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | |||
Edit the following content: | Edit the following content: | ||
| − | |||
| − | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
Revision as of 10:18, 20 August 2014
Contents
Installation
Core packages
apt-get install samba samba-common libkrb5-3 winbind smbclient
apt-get install cifs-utilsSamba protocol is built upon Windows File Share. All windows versions since XP implements it, including Windows Server. Latest version implements higher specifications and security.
The CIFS protocol is also required as this is one of the default Windows Server share protocol.
apt-get install libcups2 cups cups-pdf
Usage
Edit configuration
vim /etc/samba/smb.conf
Service management
/etc/init.d/samba restart
Configuration check
testparm -sThe file content should appears, without any alerts.
The following configuration will make all shares available for a specific set of IP @ |or| the whole world.
vim /etc/samba/smb.conf
Edit the following content:
#======================= Global Settings =======================
[global]
### Browsing/Identification ###
workgroup = MYWORKGROUP
# server name. Windows = netbios ; all the world = server string
netbios name = MY_SERVER
server string = MY_SERVER
dns proxy = no
wins support = no
### Security ###
# Password level
encrypt passwords = true
# Sync password with current computer
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
# For Unix password sync to work on a Debian GNU/Linux system
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
# allow samba user to change his password
pam password change = yes
# Paranoid check. To forbidden some logins
#invalid users = vadmin
# If guests are not allowed, they should be tagged as 'bad user'
map to guest = bad user
# If guests are allowed, they should use the following account
guest account = myuser
# Allow users who've been granted usershare privileges to create public shares
usershare allow guests = yes
#### Networking ####
# allow local network and localhost only
# comment it out to make your server “open-bar” !
# Each IP or IP_range/submask must be separated by a space
allow hosts = 192.168.1.0/24 127.0.0.1
#### Debugging/Accounting ####
# This tells Samba to use a separate log file for each machine that connects
log file = /var/log/samba/log.%m
# Cap the size of the individual log files (in KiB).
max log size = 1000
# Log level in dedicated Samba log file
log level = 3
# log level in common Syslog (O.S log)
syslog = 3
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
############ Misc ############
# improve TCP connection
# socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Improve file name management
preserve case = yes
short preserve case = no
#======================= Share Definitions =======================
[webserver]
comment = WEB-SERVER
path = /var/www
# Active share
available = yes
# Folder rights
browseable = yes
read only = no
writeable = yes
# Allow guests ?
guest ok = yes
public = yes
# Files permissions
## new file / directories permissions
## Use "2" to inherit permissions of the top directory
create mask = 2777
force create mode = 777
directory mask = 2777
# Do NOT follow symlinks for security reasons
follow symlinks = no
# Allow user to remove read-only files
delete readonly = yes
# Every new file must be part of a specific group "users" to avoid conflicts
force user = www-data
force group = www-data
# Do not be case sensitive to avoid Windows <> Linux conflicts
case sensitive = no
# hide Linux hidden files
hide dot files = yes
# specifics files / folder to hide
#veto files = /.*You have to duplicate the [webserver] section for each share. See other examples
TODO >> Join files !
